Comments (3)
cc @james-masson ref #2959
- This is a general problem we've seen with using cluster placement groups (EFA potentially included)
- This could actually be seen as a more general enhancement where you want a different AZ layout on a single node group.
Consider an EKS cluster deployed across 3 availability zones.
A nodegroup that makes use of a "cluster" placement group will only be able to deploy into a single one of these AZs. That's the point of the "cluster" placement group, to put the instances into the same physical rack.
It turns out that on initial deployment, this configuration is not a problem. The nodegroup with cluster placement successfully gets deployed into a single AZ of the 3 subnets configured with no errors. Arguably this itself is a bug.
However, when it comes time to replace or upgrade the nodegroup, you get the error listed by my colleague @Josephuss.
For some reason the A/Z or subnet deployment problem only happens on replacement.
This PR tries to fix this issue by adding the concept of an AZ filter into the nodegroups, to allow nodegroups to be deployed into a subset of the subnets that the rest of the cluster is configured with.
We're aware that this can be currently worked around by overriding subnet ids.
https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/node_groups.tf#L308
e.g.
```hcl
eks_managed_node_groups = {
  my_custom_nodegroup = {
    name       = "customer1"
    subnet_ids = ["subnet-abc12345"]
  }
}
```
But this is quite fragile, because:
- We frequently do full create/destroy cycles - so these references change.
- We expose nodegroup config to our internal customers as a variable - so they can declare their own requirements. This precludes allowing direct terraform references like `module.vpc.my_subnets_in_az_x`
Hence seeing the general value in an interface like this - it's more practical, understandable and portable, and it has value outside of placement groups too.
```hcl
eks_managed_node_groups = {
  my_custom_nodegroup = {
    name             = "customer1"
    subnet_az_filter = "eu-west-1a"
  }
}
```
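One way an AZ filter like the one proposed above could be resolved to subnet IDs, as an added sketch that is not part of the thread, the PR or the module's code. The names `subnets_by_az`, `node_groups` and `node_group_subnet_ids` are hypothetical, and it assumes one subnet per AZ and Terraform 1.3 or later for `optional()`.

```hcl
# Added illustration; every variable, local and output name here is hypothetical.
variable "subnets_by_az" {
  description = "AZ name => subnet ID for the cluster's subnets (assumed input)"
  type        = map(string)
}

variable "node_groups" {
  description = "Node group settings exposed to internal customers as plain data"
  type = map(object({
    name             = string
    subnet_az_filter = optional(string) # null means use every cluster subnet
  }))
}

locals {
  # Resolve each node group's AZ filter to concrete subnet IDs.
  # The map keys (AZ names) are static strings, so the filter still evaluates
  # at plan time when the subnets are recreated in the same apply.
  node_group_subnet_ids = {
    for key, ng in var.node_groups : key => [
      for az, subnet_id in var.subnets_by_az : subnet_id
      if ng.subnet_az_filter == null || az == ng.subnet_az_filter
    ]
  }
}

output "node_group_subnet_ids" {
  value = local.node_group_subnet_ids
}
```

A filter naming an AZ that is absent from `subnets_by_az` resolves to an empty list, so a caller would want to reject that case before passing the result on as `subnet_ids`.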